borekon 2021-10-19 12:04:02 +02:00
parent f950a89cea
commit a2f70b4fac
3 changed files with 18 additions and 11 deletions

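--- a/awk
+++ b/awk
@@ -0,0 +1,3 @@
+iptables: /usr/sbin/iptables /sbin/iptables /usr/share/iptables /usr/share/man/man8/iptables.8.gz
+{print:
+}: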
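Review bot: The new file `awk` looks like an accidental artefact rather than intended content and should be dropped from this commit. Its first line reads like `whereis iptables` output and the other two like fragments of an awk `{print $2}` program, which suggests a mis-quoted or redirected command wrote into the working directory; this is inferred, as the command itself is not on the page. Nothing in the visible part of blocklist.sh reads this file. Since blocklist.sh checks that it runs as root, stray files are best kept out of the tree it is deployed from, for example with an ignore entry for scratch output.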

26
blocklist.sh Normal file → Executable file

@ -1,19 +1,23 @@
#!/bin/bash
IPTABLES_PATH="/sbin/iptables"
IPSET_PATH="/sbin/ipset"
SORT_PATH="/usr/bin/sort"
GREP_PATH="/bin/grep"
if [ "$(whoami)" == "root" ]; then echo "root ok"; else echo "run as root!"; exit 1; fi;
#IPTABLES_PATH=$(whereis iptables | awk '{print $2}')
#IPSET_PATH=$(whereis ipset | awk '{print $2}')
#SORT_PATH=$(whereis sort | awk '{print $2}')
#GREP_PATH=$(whereis grep | awk '{print $2}')
BLOCKLISTDE="https://lists.blocklist.de/lists/all.txt"
CRWALERS="https://isc.sans.edu/api/threatcategory/research?json"
if [ -f $IPTABLES_PATH ]; then echo "iptables OK"; else echo "Cannot find [ iptables ]. Is it installed? Exiting"; exit 1; fi;
#hash iptables 2>/dev/null || { echo >&2 "I require iptables but it's not installed. Aborting."; exit 1; }
#more in https://stackoverflow.com/questions/592620/how-can-i-check-if-a-program-exists-from-a-bash-script
if [ -f $IPSET_PATH ]; then echo "ipset OK"; else echo "Cannot find [ ipset ]. Is it installed? Exiting"; exit 1; fi;
if [ -f $SORT_PATH ]; then echo "sort OK"; else echo "Cannot find [ sort ]. Is it installed? Exiting"; exit 1; fi;
if [ ! -f $GREP_PATH ]; then echo "Cannot find [ grep ]. Is it installed? Exiting"; exit 1; fi;
#if [ -f $IPTABLES_PATH ]; then echo "iptables OK"; else echo "Cannot find [ iptables ]. Is it installed? Exiting"; exit 1; fi;
if ! command -v iptables >/dev/null; then echo "I require iptables but it's not installed."; apt install -y iptables; else echo "iptables OK"; fi;
#if [ -f $IPSET_PATH ]; then echo "ipset OK"; else echo "Cannot find [ ipset ]. Is it installed? Exiting"; exit 1; fi;
if ! command -v ipset >/dev/null; then echo "I require ipset but it's not installed."; apt install -y ipset; else echo "iptables OK"; fi;
#if [ -f $SORT_PATH ]; then echo "sort OK"; else echo "Cannot find [ sort ]. Is it installed? Exiting"; exit 1; fi;
if ! command -v sort >/dev/null; then echo "I require sort but it's not installed."; else echo "sort OK"; fi;
#if [ -x $JQ_PATH ]; then echo "jq OK"; else echo "jq not installed, installing"; apt install -y jq; fi;
if ! command -v jq >/dev/null; then echo "I require jq but it's not installed."; apt install -y jq; fi;
#if [ ! -f $GREP_PATH ]; then echo "Cannot find [ grep ]. Is it installed? Exiting"; exit 1; fi;
if ! command -v grep >/dev/null; then echo "I require grep but it's not installed."; apt install -y grep; else echo "grep OK"; fi;
echo "Downloading the most recent IP list from $BLOCKLISTDE ... and adding them to ipset blocklistde"
ipset create blocklistde hash:ip